Forum Discussion

  • John's avatar
    John
    Icon for Altostratus rankAltostratus

    So, we noticed that the oAuth server calls out to check token with the provider didn't include SNI in the clienthello in TLS handshake.  There is an option of course on the oAuth server to select a serverside ssl profile where we can set SNI, but we wanted it to be dynamic.  We already use a SNI inject irule (https://my.f5.com/manage/s/article/K41600007), so just tried applying that iRule to the oAuth server and found it works!  So the HTTP_REQUEST and SERVERSSL_CLIENTHELLO_SEND are valid.